1
Regtech Proof of Concept
Peer to Peer KYC Solution
Background
KYC is one of the big talking points when it comes to regulations and regtech. KYC is
done by financial institutions to identify the person or company they will be dealing
with. KYC is one of the solutions to reduce and detect Anti money laundering
activities. Therefore it is crucial to make sure KYC is done in an effective and timely
manner.
Problem to be solved
KYC is huge area where financial institutions have been facing trouble to come up
with a viable solution. According to Fernergo, financial institutions on average spend
30-35 Million on KYC costs per year. We need to come up with a cost saving
solution that also makes the process secure and reliable to be implemented across
banks.
The Fernergo survey also mentions the huge amount of time taken by banks to
onboard corporate customers, on average they 30-60 days per customer. The
current processes are time consuming, involve huge costs, error prone as there is
still manual work being done.
Banks have been penalized by regulatory authorities, when they don’t comply with
regulatory norms. Bank have to follow strict KYC rules due to which banks lose
business if a client is unsatisfied. On top of that they have to pay hefty penalties if
don’t comply. There has never been a central database which can be accessed by
different bank departments when data is needed. This causes delay in the KYC
process.
The KYC problem issue grows larger when a person operates multiple accounts with
different banks, this complicates the matters furthur since now all these accounts
need to be tracked and verified if they are legit or being used for money laundering
purposes.
Sometimes due tod different authorities in different countries issue different types of
documents, which causes difficulties for the banks to create a single verifiable identity
for the customer, which again costs time effort and potential loss of business.
According to Refinitiv, The estimated cost of money laundered across the globe
every year is a breathtaking 6.7% of global GDP, equivalent to $5.8 trillion. Therefore
a proper KYC and AML system needs to be in place, to be able to detect these
transactions and stop them at source. KYC is a subset of anti money laundering
framework, and has a huge effect on this framework when we are able to identify
whether an account belongs to an actual person or he/she is a fake account being
used for money laundering.
According to Refinitiv, documents must be verified to ensure that they are not
fraudulent, but further elements to consider include:
2






Are the customers screened sanctions, other watchlists, PEPs, as per the risk
appetite?
Are they screened against adverse media?
Does the solution generate a transparent risk score for each customer?
Are the checks being completed in real time and is there a review workflow?
Are liveness and facial matching checks conducted?
Is the data available in machine-readable format for backend systems to
consume?
This is a long process that should be done deligently. Therefore the banks afford to
go easy on the process, which causes them to be extra causious which in turn
increase the amount of false positives that come out from the process.
One of the biggest issues during the KYC process is getting false positives which
takes extra time and resources to solve and investigate. Firms cannot ignore these
false positives as they might get fines from the regulators if anything goes wrong.
Another challenge faced by financial institutions is Siloed data, wherein different
departments of the firm are not able to access data quickly from other departments
which causes different risk decisions for customers, which inturn causes a lot of
confusion.
A lot of KYC procedures are done manually which are error prone. Even if there is a
maker checker system, there are chances of checker making a mistake, this maybe
the cause for huge fine from a regulator towards the institution.
Transaction analysis is done to see if there are any red flags, but the data is raw
data, and often inside an excel file which would lot of manual analysis to get it done.
Since all transactions are of different nature as well as frequency, going through each
transaction for accuracy can be time consuming. If banks are not unable to use
descriptive statistics, instead of going through all transactions one by one, this could
cost money as well as time for the bank.
Institutions continue to face difficulties with the authenticity and reliability of global
sanctions lists since customer information and names are frequently maintained in
various formats across numerous databases and there are frequently not enough
sources to allow for accurate name matching. This makes it more difficult for
institutions to integrate various data sources together for investigative reasons and
discover ownership arrangements.
Additionally, a significant number of false positives may be produced as a result of
incomplete and poor quality data. This is a problem in especially for international
correspondent banking transactions because a mistake in a bank's name might result
in several false positives throughout the entire chain of institutions.
Huge backlogs that must be manually investigated might be caused by
unmanageable numbers of false positives. If ignored, these raise the risk of
regulatory compliance.
3
Name screening is difficult enough for those using novel AI capabilities, however,
many institutions still rely on legacy technology with more primitive matching logic,
further increasing the likelihood of generating false positives when identifying risks.
Worse still, institutions using manual methods for name screening lack the ability to
check names at scale and can quickly become overwhelmed with onboarding
volumes.
Institutions cross-check or "screen" the names of people, organisations, or other
entities against national or international sanctions lists as part of the onboarding
process. Various public lists are made available worldwide. For instance, the UK
government publishes the UK Sanctions List, which contains information about those
who have been targeted by the Sanctions Act.
Names are checked against sanctions lists as part of regular customer monitoring at
intervals determined by the risk that the consumer poses to the company from
financial crime.The names of counter-parties and payment beneficiaries must be
compared to sanctions lists in order to screen payments and other transactions on a
regular basis.
To provide a detailed view of client activities, transaction monitoring analyses both
historical and recent customer transactions. This is a more sophisticated method of
spotting behavioural patterns linked to sanction evasion.
The client relationship must be terminated, connected transactions must be stopped,
relevant assets must be frozen, and the occurrence must be reported to the
appropriate national authorities if matches to sanctioned entities are found (e.g.
OFAC, OFSI).
Due to the complexity of the present sanctions environment and the frequently
lengthy delay times or a lack of data necessary to make knowledgeable judgements
on a customer or client profile, current techniques of identification are insufficient to
manage and reduce sanctions risk.
Even though many current AML (anti-money laundering) and KYC (know your
customer) processes are comprehensive, involving numerous stakeholders and
verification steps, there are numerous manual tasks that must be finished before
verifying and monitoring individuals and institutions, which can cause delays and
inaccuracies.
It is possible for missing data to occur when processing profiles and transactions on
older systems, which results in a missing picture when analysing partners or clients.
There is a lack of standardisation or a single source of truth from which information
can be gathered on customers and companies across markets. Depending on the
resources allotted, some institutions have better KYC, compliance, and due diligence
programmes than others.
Solution
Peer to Peer KYC looks promising. Building a P2P platform, where existing
customers get an incentive to do the KYC for the bank and they get rewarded in a
4
cryptocurrency(created for the sole purpose of this) which then can be used to avail
bank services as well as exchange it for any other currency in the open market. This
platform can then be linked to a blockchain where, one person does the KYC of the
particular customer and other look at the outcome from the result of the KYC and
give their consensus to the approval or rejection of the KYC. The person doing the
main due diligence would be paid more than the other people who are just providing
their consensus, that is how we can encourage more existing customers to help with
the KYC process. This platform can then be integrated with bank’s system so the
KYC decisions go through additional layer of security which will be bank’s
experienced employees.
The people who will be conducting the KYC will chosen randomly, so there is no way
of the customer knowing who will be doing their KYC, which will possibly prevent the
chance of people bribing other people to clear them. And of course, another level of
security is added but the consesus machanism from the blockchain. All the accepted
KYCs would be saved as blocks on the blockchain and the rejected ones would go
through an additional KYC requirement from another person to reduce the risk of
human error made by the first person.
This solution will have to be integrated with the banks website or app wherein the
KYC process is carried out in the front, like data collection etc. Once the data
collection process is done, our solution will set up a KYC process and assign one of
the peer participats to the new customer that needs to onboarded. Once all the
checks are done the files would go to the nodes for their consensus,these nodes will
have multiple option from which they can choose which data point needs to focused
on. For example, driving license, these nodes would have the option to check dates,
name, whether the document submitted is an original. If consensus is achieved, then
the file is recorded on the block as an accepted customer. Then banks can proceed
to open their account. This database would be accessible by banks and they can
also check if any customers that had red flags and they got approved after rejection,
just to be on the safe side.
The integration with legacy systems might be difficult because each bank has their
own way of doing things, but therefore we need to focus on the solution being flexible
enough to be adopted by various banks.
Problems P2P KYC can solve :



Time saving – If we are able to properly incentivize the existing customers to
carry out the KYC process, it would speed up the onboarding process as huge
amounts of customers would be interested a bit of extra money for some work.
Cost effective – Bank would need to invest a lot in building the infrastructure,
but in the long run this would be more cost effective as it would cut down lots
of costs.
Dectecting and dealing with false positives - Since there is a consensus
machanism behind the process, the false positives would detected and solved
quickly. This would reduce the customer onboarding time and save money for
the bank.
5

The blockchain can be a shared database – Banks can this database between
one another and which could pave the way for “Single KYC” wherein a person
completes KYC once and never has to do it again as the database is shared
and different banks and companies can just pull out the data from this
database and complete the KYC.
Challenges P2P KYC can face while implementation :



Training the customers – Training the customers to carry out the KYC process
could make it troublesome for the bank. These could be huge costs if they
aren’t automated, for example bank employees currently handling the process
record videos regarding the processes.
Data privacy – The customers that are participating in the incentize
programme would be handling a lot of customer onboarding data, which could
be risky considering the aren’t the bank’s employees. But this could be solved
with an agreement between bank and the participants before they start the
programme.
Development of the Crytocurrency – The crytocurrency would need to be of
some value so we could able to incentivize people into P2P KYC, which could
be difficult as it depends on demand and supply. Maybe we could implement it
as stable coins linked to bank’s reserves.